|
|
|
|
@ -37,6 +37,29 @@
|
|
|
|
|
|
|
|
|
|
typedef pb_byte_t proof_entry[SHA256_DIGEST_LENGTH];
|
|
|
|
|
|
|
|
|
|
#define SIGNATURE_THRESHOLD 2
|
|
|
|
|
#define DEFS_PUBLIC_KEYS_COUNT 3
|
|
|
|
|
|
|
|
|
|
const ed25519_public_key DEFS_PUBLIC_KEYS[DEFS_PUBLIC_KEYS_COUNT] = {
|
|
|
|
|
"\x43\x34\x99\x63\x43\x62\x3e\x46\x2f\x0f\xc9\x33\x11\xfe\xf1\x48\x4c\xa2"
|
|
|
|
|
"\x3d\x2f\xf1\xee\xc6\xdf\x1f\xa8\xeb\x7e\x35\x73\xb3\xdb",
|
|
|
|
|
"\xa9\xa2\x2c\xc2\x65\xa0\xcb\x1d\x6c\xb3\x29\xbc\x0e\x60\xbc\x45\xdf\x76"
|
|
|
|
|
"\xb9\xab\x28\xfb\x87\xb6\x11\x36\xfe\xaf\x8d\x8f\xdc\x96",
|
|
|
|
|
"\xb8\xd2\xb2\x1d\xe2\x71\x24\xf0\x51\x1f\x90\x3a\xe7\xe6\x0e\x07\x96\x18"
|
|
|
|
|
"\x10\xa0\xb8\xf2\x8e\xa7\x55\xfa\x50\x36\x7a\x8a\x2b\x8b",
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#if DEBUG_LINK
|
|
|
|
|
const ed25519_public_key DEFS_PUBLIC_KEYS_DEV[DEFS_PUBLIC_KEYS_COUNT] = {
|
|
|
|
|
"\x68\x46\x0e\xbe\xf3\xb1\x38\x16\x4e\xc7\xfd\x86\x10\xe9\x58\x00\xdf"
|
|
|
|
|
"\x75\x98\xf7\x0f\x2f\x2e\xa7\xdb\x51\x72\xac\x74\xeb\xc1\x44",
|
|
|
|
|
"\x8d\x4a\xbe\x07\x4f\xef\x92\x29\xd3\xb4\x41\xdf\xea\x4f\x98\xf8\x05"
|
|
|
|
|
"\xb1\xa2\xb3\xa0\x6a\xe6\x45\x81\x0e\xfe\xce\x77\xfd\x50\x44",
|
|
|
|
|
"\x97\xf7\x13\x5a\x9a\x26\x90\xe7\x3b\xeb\x26\x55\x6f\x1c\xb1\x63\xbe"
|
|
|
|
|
"\xa2\x53\x2a\xff\xa1\xe7\x78\x24\x30\xbe\x98\xc0\xe5\x68\x12",
|
|
|
|
|
};
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
struct EncodedDefinition {
|
|
|
|
|
// prefix
|
|
|
|
|
pb_byte_t format_version[FORMAT_VERSION_LENGTH];
|
|
|
|
|
@ -51,16 +74,17 @@ struct EncodedDefinition {
|
|
|
|
|
uint8_t proof_length;
|
|
|
|
|
const proof_entry *proof;
|
|
|
|
|
|
|
|
|
|
const ed25519_signature *signed_root_hash;
|
|
|
|
|
uint8_t sigmask;
|
|
|
|
|
const uint8_t *signature;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static bool parse_encoded_definition(struct EncodedDefinition *const result,
|
|
|
|
|
const pb_size_t size,
|
|
|
|
|
const pb_byte_t *bytes) {
|
|
|
|
|
// format version + definition type + data version + payload length + payload
|
|
|
|
|
// (at least 1B) + proof length + signed Merkle tree root hash
|
|
|
|
|
if (size < (FORMAT_VERSION_LENGTH + 1 + 4 + 2 + 1 + 1 +
|
|
|
|
|
MERKLE_TREE_SIGNED_ROOT_SIZE)) {
|
|
|
|
|
// (at least 1B) + proof length + sigmask + signature
|
|
|
|
|
if (size < (FORMAT_VERSION_LENGTH + 1 + 4 + 2 + 1 + 1 + 1 +
|
|
|
|
|
sizeof(ed25519_signature))) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -88,13 +112,15 @@ static bool parse_encoded_definition(struct EncodedDefinition *const result,
|
|
|
|
|
|
|
|
|
|
// check the whole size of incoming bytes array
|
|
|
|
|
if (size != (cursor - bytes) + result->proof_length * sizeof(proof_entry) +
|
|
|
|
|
MERKLE_TREE_SIGNED_ROOT_SIZE) {
|
|
|
|
|
1 + sizeof(ed25519_signature)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
result->proof = (proof_entry *)cursor;
|
|
|
|
|
cursor += result->proof_length * sizeof(proof_entry);
|
|
|
|
|
|
|
|
|
|
result->signed_root_hash = (ed25519_signature *)cursor;
|
|
|
|
|
result->sigmask = *cursor;
|
|
|
|
|
cursor += 1;
|
|
|
|
|
result->signature = cursor;
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
@ -160,12 +186,13 @@ static bool decode_definition(const pb_size_t size, const pb_byte_t *bytes,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// and verify its signature
|
|
|
|
|
if (ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, DEFINITIONS_PUBLIC_KEY,
|
|
|
|
|
*(parsed_def.signed_root_hash)) != 0
|
|
|
|
|
if (!cryptoCosiVerify(parsed_def.signature, hash, sizeof(hash),
|
|
|
|
|
SIGNATURE_THRESHOLD, DEFS_PUBLIC_KEYS,
|
|
|
|
|
DEFS_PUBLIC_KEYS_COUNT, parsed_def.sigmask)
|
|
|
|
|
#if DEBUG_LINK
|
|
|
|
|
&&
|
|
|
|
|
ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, DEFINITIONS_DEV_PUBLIC_KEY,
|
|
|
|
|
*(parsed_def.signed_root_hash)) != 0
|
|
|
|
|
&& !cryptoCosiVerify(parsed_def.signature, hash, sizeof(hash),
|
|
|
|
|
SIGNATURE_THRESHOLD, DEFS_PUBLIC_KEYS_DEV,
|
|
|
|
|
DEFS_PUBLIC_KEYS_COUNT, parsed_def.sigmask)
|
|
|
|
|
#endif
|
|
|
|
|
) {
|
|
|
|
|
// invalid signature
|
|
|
|
|
|
matejcik
1 year ago
committed by